New ChatGPT Atlas Browser Exploit Lets Attackers Plant Persistent Hidden Commands

Cybersecurity researchers have discovered a new vulnerability in OpenAI's ChatGPT Atlas web browser that could allow malicious actors to inject nefarious instructions into the artificial intelligence AI-powered assistant's memory and run arbitrary code. "This exploit can allow attackers to infect...

EUVD-2025-30356

Malicious code in bioql PyPI...

EUVD-2023-59938

Malicious code in bioql PyPI...

AZL-67526 CVE-2025-39845 affecting package kernel for versions less than 6.6.112.1-1

In the Linux kernel, the following vulnerability has been resolved: x86/mm/64: define ARCHPAGETABLESYNCMASK and archsynckernelmappings Define ARCHPAGETABLESYNCMASK and archsynckernelmappings to ensure page tables are properly synchronized when calling pdpopulatekernel. For 5-level paging,...

CVE-2025-39844

In the Linux kernel, the following vulnerability has been resolved: mm: move page table sync declarations to linux/pgtable.h During our internal testing, we started observing intermittent boot failures when the machine uses 4-level paging and has a large amount of persistent memory: BUG: unable t...

CVE-2025-39844 mm: move page table sync declarations to linux/pgtable.h

In the Linux kernel, the following vulnerability has been resolved: mm: move page table sync declarations to linux/pgtable.h During our internal testing, we started observing intermittent boot failures when the machine uses 4-level paging and has a large amount of persistent memory: BUG: unable t...

PT-2025-38552

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to page table synchronization when calling pd populate kernel. Specifically, the issue arises in systems utilizing 4-level paging and a substanti...

CVE-2023-53323

In the Linux kernel, the following vulnerability has been resolved: ext2/dax: Fix ext2setsize when len is page aligned PAGEALIGNx macro gives the next highest value which is multiple of pagesize. But if x is already page aligned then it simply returns x. So, if x passed is 0 in daxzerorange...

CVE-2023-53323

CVE-2023-53323 affects the Linux kernel ext2 with DAX on pmem: ext2/dax: Fix ext2_setsize when len is page aligned. The bug arises when PAGE_ALIGN(x) returns x for already-aligned x, causing dax_zero_range() to pass length 0 to iomap_begin(), which makes ext2_get_blocks() see max_blocks = 0 and t...

SAMEP: a Secure Protocol for Persistent Context Sharing across AI Agents

Current AI agent architectures suffer from ephemeral memory limitations, preventing effective collaboration and knowledge sharing across sessions and agent boundaries. We introduce SAMEP Secure Agent Memory Exchange Protocol, a novel framework that enables persistent, secure, and semantically...

kernel: virtio_pmem: add the missing REQ_OP_WRITE for flush bio

A flaw was discovered in the virtiopmem driver in the Linux kernel, where flush block I/O requests did not have the required REQOPWRITE operation code assigned before submission. Under workloads involving persistent memory block devices — for example, running mkfs.xfs on a pmem device,this omissi...

CVE-2022-49896 cxl/pmem: Fix cxl_pmem_region and cxl_memdev leak

In the Linux kernel, the following vulnerability has been resolved: cxl/pmem: Fix cxlpmemregion and cxlmemdev leak When a cxlnvdimm object goes through a -remove event device physically removed, nvdimm-bridge disabled, or nvdimm device disabled, then any associated regions must also be disabled. ...

CVE-2024-50184

...

UBUNTU-CVE-2024-36275

NULL pointer dereference in some IntelR OptaneTM PMem Management software versions before CRMGMT02.00.00.4040, CRMGMT03.00.00.0499 may allow a authenticated user to potentially enable denial of service via local access...

Intel Optane PMem Management 安全漏洞

Intel Optane PMem Management is a memory technology from Intel Corporation USA. A security vulnerability exists in Intel Optane PMem Management that originates from a null pointer dereference. An attacker exploiting this vulnerability could cause a system denial of service...

UBUNTU-CVE-2024-50184

In the Linux kernel, the following vulnerability has been resolved: virtiopmem: Check device status before requesting flush If a pmem device is in a bad status, the driver side could wait for host ack forever in virtiopmemflush, causing the system to hang. So add a status check in the beginning o...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that when the CXL subsystem automatically assembles the pmem region during cxl endpoint port probin...

The vulnerability of microprogramming software for Intel Optane PMem 100 Series persistent memory modules, related to access segmentation deficiencies, allows attackers to exploit their privileges.

The vulnerability of microprogramming software for Intel Optane PMem 100 Series persistent memory modules is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

PT-2024-2699 · Intel +1 · Intel Optane Pmem +1

Name of the Vulnerable Software and Affected Versions: IntelR OptaneTM PMem software versions prior to 01.00.00.3547 IntelR OptaneTM PMem software versions prior to 02.00.00.3915 IntelR OptaneTM PMem software versions prior to 03.00.00.0483 Description: The issue is related to improper access...

GHSA-M974-XJ4J-7QV5 Boxo bitswap/server: DOS unbounded persistent memory leak

Impact An attacker is able allocate arbitrarily many bytes in the Bitswap server by sending many WANTBLOCK and or WANTHAVE requests which are queued in an unbounded queue, with allocations that persist even if the connection is closed. This affects users accepting untrusted connections with the...